People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

This is about accountability of public funds. The request wants to explore how getting into seven digits to purchase a method was deemed worthwhile, and to whom this money was paid (will that recipient, for example, turn around with those funds and hack U.S. entities?).

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

I don't know about you but I haven't heard anything about useful intelligence being gathered from the now mysteriously unlocked phone. So, until they release evidence that it was useful in a meaningful way, the only answer to your question is that they should not have wasted time and money trying to unlock it in the first place.

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

I'm not upset that the FBI got into the phone. I'm upset they won't tell Apple how they did it, allowing Apple to patch a major security hole that could be used by anyone willing to pay the fee for the technique, and use it against people who believe their phones to be secure.

Had Apple's Tim Cook simply complied with the Judge instead of doubling down on a bone-headed stance on privacy, details of this sordid affair would have stayed in public view and court supervision.

Um, no. Apple received a lot of good will over what you call a "bone-headed stance on privacy". Do you really expect that if Apple had aided the FBI that everything would have been done out in the open for everyone to roundly criticize?

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

People are upset with government agencies which overstep the powers given to them by congress and waste taxpayer money. What the FBI should do is obey the law and be transparent about their fiscal responsibility.

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

I'm not upset that the FBI got into the phone. I'm upset they won't tell Apple how they did it, allowing Apple to patch a major security hole that could be used by anyone willing to pay the fee for the technique, and use it against people who believe their phones to be secure.

If the lawsuit is successful, Apple can buy the company that did it (assuming they actually did).

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

People are upset with government agencies which overstep the powers given to them by congress and waste taxpayer money. What the FBI should do is obey the law and be transparent about their fiscal responsibility.

Agencies with security responsibility would undermine their security responsibility if they were 100% transparent about their expenses. Imagine if the FBI, CIA or DOD had complete financial transparency? We'd get nothing past our enemies in the name of accountability.

While I 100% disagree with what FBI was requesting of Apple, they didn't in any way "overstep their powers" by finding a resource who could unlock a locked phone for them after being granted the legal authority to do so.

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

It makes more sense if you're more specific on what people are upset about.

- People are upset that the FBI wanted to force Apply to produce a means of bypassing the encryption on their phone in order to get into the phone, likely at Apple's own expense.

- People are upset that an agency that has a known history of spying on innocent civilians now purportedly have the ability to access a system that was thought to be secure.

- People are upset that said agency is not sharing the security hole that they used to do so, potentially leaving the data on any of the phones vulnerable to a similar attack from any other actors.

- People are upset that they spent 1.3 million dollars to access data on a phone when, given the facts of the case, the odds of the data in the phone being of any real value were extremely low.

- People are upset that the FBI conveniently made the declaration right when it became apparent that the courts might set a precedent against their ability to coerce companies in the way that they were trying to do with Apple, which (along with the absolute lack of details on what it is that they did) makes the declaration itself somewhat suspect.

The quoted filing is both eloquent and correct: we want to hold the FBI accountable for how they spend public funds.

I don't expect for a minute that the FBI will ever comply except when forced to by a federal judge, but whatever. I wouldn't hold out hope that a judge will rule for the news agencies, no matter how much it's in the public interest.

Paying consultants for complex forensics or intelligence is not new. I'm not saying its right, but they generally do not publically disclose their sources for sensitive cases, lumping under a budget category or discretionary spending. $1.2 million is a lot to me, but in a sense not that much these days.

I'm in the camp that we should have the right to know, but this actually could reasonably be categorized as a national security matter. Much more so than the majority of cover-ups they've with this policy.

Physical+logic hacking is also not new. It takes a few tools and genuinely brilliant engineers, but the concept and methods have been around forever. And once you have a device in-hand, your options are very... flexible. Obviously though, I have no idea whatever just how the heck they did it in the end.

Conspiracy time. Why the FBI won't disclose details about how they got into the phone?

Because they didn't. That is their cover story for backing down from the court case which it was looking like they were going to lose and setting a legal precedent they didn't like.

Slimey way of avoiding lying about it (not that that is below them)? They paid someone to "hack" into the phone (which they didn't do) who then told the FBI "nothing's there!". Plausible deniability?

Or maybe they magically found someone to hack into the phone at the last second against all prior claims of possibility and the suspicious timing is just coincidence.

If I remember right, there actually are plausible ways to crack the phone's encryption with current technology. It's just that they're generally regarded as being far too risky since they have a relatively high chance of causing damage that makes it outright impossible to get the data, which is why the FBI was pushing so hard on Apple rather than cracking it in the first place. It's still pretty unlikely that they suddenly just changed their minds though.

I wonder what exception the FBI used to not publicize the contract issued for this. Federal contracts are generally part of the public record. Some secret details can be omitted, but beyond that, if you issue a contract, it goes into the Federal Register.

The only way I can think of is that the only details released would be the name of the contractor and the amount. Everything else (specifically here, the Scope of Work abstract) is missing. Or is mentioned in non-descript terms, like 'Admin Services'.

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

This is about accountability of public funds. The request wants to explore how getting into seven digits to purchase a method was deemed worthwhile, and to whom this money was paid (will that recipient, for example, turn around with those funds and hack U.S. entities?).

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

I don't know about you but I haven't heard anything about useful intelligence being gathered from the now mysteriously unlocked phone. So, until they release evidence that it was useful in a meaningful way, the only answer to your question is that they should not have wasted time and money trying to unlock it in the first place.

There's been room to argue over the legal merits of the particular strategy initially attempted in this case to unlock the phone, but regarding the goal itself, what you just said makes no sense whatsoever. One can't rationally judge whether an investigation was justified in looking into a source of potential evidence purely based on the hindsight of whether it actually panned out anything useful. In other cases, criminals' phones have revealed telling information. It's an obvious place to try looking.

Not that the public would likely even know for some time. If the FBI did find anything they think might be useful (contact numbers, email addresses, whatever), do you seriously think it likely that they would be announcing it just yet? While it stands to reason that a person involved in linked activity who actually contacted the shooter on that phone (or through linked services) would likely already be taking steps to protect themselves from repercussions, the FBI probably wouldn't want to hurry to announce the details, just in case.

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

I'm not upset that the FBI got into the phone. I'm upset they won't tell Apple how they did it, allowing Apple to patch a major security hole that could be used by anyone willing to pay the fee for the technique, and use it against people who believe their phones to be secure.

If the group is revealed, couldn't Apple offer to pay THEM? Apple has set up a new program to pay for such bounties. Even if it's by invite only, surely they could consider this?

I hear in the past, all Apple did as a reward to those who reported security issues was to just pat them on the back, prompting some to sell this info to the highest bidder instead to at least get something out of their hard work.

Proper reply from the FBI:"We got a call from a guy named John Smith who said he could provide a method to unlock it if we paid cash. He demonstrated his ability to do so by unlocking a few phones we provided for the demonstration. Since his method was proven to work, we paid John in cash and unlocked the suspect's phone. If you want more details, ask John."

The caption for the article says the same thing as the title of the article. Can probably do better there..

We also still have no idea who or what the FBI used to unlock the phone.

=(

I know this post will quickly be hidden, but there are considerations here that have to be looked at rationally and legally.

First of all, I don't see that there's any compelling right for the public to know WHO the FBI paid. Nor do I see a compelling need to disclose HOW it was done to the public (AKA Apple, who likely supports, if not encouraged, the various news agencies to sue).

What I CAN see is Apple suing the FBI over details of how this was done, but keep in mind that there are no laws that compel the FBI to disclose how it was done unless the evidence obtained by the hack is directly used in a court of law. I seriously doubt that will ever happen. Any evidence likely only pointed them in a direction, and they will need further investigation to establish probable cause and obtain warrants based on that investigation.

Anonymous tips happen all the time that do this, so it's hardly unprecedented, nor is it illegal or unconstitutional.

Because this hack happened on an older iPhone, and newer ones (according to Apple) can't be hacked the same way (even though they don't know how it was done themselves), Apple's standing in a lawsuit is rapidly becoming moot. But they have far more standing for finding out how it was done than the public at large does.

I can see them winning a case at least on standing, if not the merits of their argument.

As for who did it, there's another matter that people aren't considering. The right to privacy of a company for providing services to the government. The government can be audited to determine who it does business with and how much was paid, but the entity on the other end has the same right to privacy as any other government employee. There was (apparently) nothing ILLEGAL in what transpired, so a court order to publicly disclose their identity would be pointless and easily defended against. The GAO does audits all the time, but only when improprieties have been found are the details disclosed. The rest of the time, the information is basically confidential - especially in investigations.

So, Apple has a good reason to know how it was done. They have no good reasons to know who did it. The public has no good reasons to know who did it nor how it was done. The FBI has already disclosed how much was paid, which is the only compelling thing the public would "need" to know. Given retaliatory measures often taken by companies against those who work against their interests, keeping the identity of those who aided the FBI a secret protects their right to privacy and avoids retaliatory steps a company may take against them.

This is based on precedent and current law. This is how it all works. A down-vote simply means you hate reality, which I'm fine with.

There are too many people out there who think the government we have today should tell everyone exactly what it's doing all the time everywhere. No government on Earth has ever done that, nor will they ever do that. Some secrets aren't meant for the public. As long as due process and the constitution have been followed, I'm not going to lose sleep over this.

People are upset the FBI got into the phone on their own but were also upset the FBI wanted Apple to do it. What should they have done? seems like a catch 22

People are upset with government agencies which overstep the powers given to them by congress and waste taxpayer money. What the FBI should do is obey the law and be transparent about their fiscal responsibility.

Agencies with security responsibility would undermine their security responsibility if they were 100% transparent about their expenses. Imagine if the FBI, CIA or DOD had complete financial transparency? We'd get nothing past our enemies in the name of accountability.

While I 100% disagree with what FBI was requesting of Apple, they didn't in any way "overstep their powers" by finding a resource who could unlock a locked phone for them after being granted the legal authority to do so.

This argument is at best fear mongering or misplaced trust. Honestly its just a non starter because we have already established over decades that over-broad secrecy power among law enforcement only enables wasteful spending, unethical behavior and abuse of the secrecy.

Its abused to cover everything from minor stupidity to full blown corruption and mishandling of cases rather than only protecting truly sensitive information. We really aren't any safer by letting law enforcement claim to be protected by secrecy that easily and broadly. Secrecy among law enforcement should be granted by the courts impartially on a case by case basis since they are supposed to be the check and balance to law enforcement agencies.

I think the FBI knew that Apple was going to fight them tooth and nail but looked at the longer game.

They got free advertising through the Tech Press that they were looking for vulnerabilities in Apple software and willing to pay for them. I fear this might become bigger. This is the only solution that they have mentioned to the press. They could have a lot more in their toolkit now.

Conspiracy time. Why the FBI won't disclose details about how they got into the phone?

Because they didn't. That is their cover story for backing down from the court case which it was looking like they were going to lose and setting a legal precedent they didn't like.

Slimey way of avoiding lying about it (not that that is below them)? They paid someone to "hack" into the phone (which they didn't do) who then told the FBI "nothing's there!". Plausible deniability?

Or maybe they magically found someone to hack into the phone at the last second against all prior claims of possibility and the suspicious timing is just coincidence.

More than likely they already had someone they knew could get in if they paid. They were trying to set a precedent that they could force companies to do this. So if it wasn't going their way they could just drop the case and pay to get in. At least that's my view of it.